US NAVY: Hackers 'Jumping The Air Gap' Would 'Disrupt The World Balance Of Power'

The next generation of hackers may be taking to sound waves, and the Navy is understandably spooked.

Speaking at last week's Defense One conference, retired Capt. Mark Hagerott cited recent reports about sonic computer viruses as one way that hackers could "jump the air gap" and target systems that are not connected to the Internet.

"If you take a cybernetic view of what's happening [in the Navy], right now our approach is unplug it or don't use a thumb drive," Hagerott said. But if hackers "are able to jump the air gap, we are talking about fleets coming to a stop."

For a long time the thought was that an air gap (systems that are not connected to the Internet) rendered networks pretty much impenetrable.

Then the Stuxnet virus happened: an Iranian nuclear scientist with an infected thumb drive walked a virus through the air gap and unknowingly uploaded a destructive virus onto a network controlling nuclear centrifuges. This attack not only damaged Iran's nuclear facilities, but it also signaled the dawn of kinetic cyber attacks (the kind that cause physical damage) and revealed the vulnerability of air gaps.

[Security consultant Dragos] Ruiu said he arrived at the theory about badBIOS's high-frequency networking capability after observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer.

The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed. Ruiu also disconnected the machine's power cord so it ran only on battery to rule out the possibility that it was receiving signals over the electrical connection. Even then, forensic tools showed the packets continued to flow over the airgapped machine.

Then, when Ruiu removed the internal speaker and microphone connected to the airgapped machine, the packets suddenly stopped.

There are a few analysts out there who say this type of BIOS hack of a computer's speakers is impossible, but nonetheless, the military applications of such a hack would be astonishing, especially if it didn't require a thumb drive to upload the initial piece of BIOS malware.

Exploiting and remotely shutting down a Navy ship's software "gives you a nonlethal warfare capacity at sea," Peter Singer, a Brookings Institution national security analyst, said in an interview after speaking at the Defense One Summit. Commanders could give an order like, “Don't let this enemy fleet seize these island chains, but also don't let it turn into a shooting war.”

Ships would find their targeting software exploited and shut down, possibly even hijacked.

"The ships are floating SCADA systems," Hagerott said, making reference to the same highly vulnerable Supervisory Control And Data Acquisition networks that run utilities in America.

Of course, the ships aren't exactly sitting ducks. Singer said serious security consultants look at air gaps "like the balloons nuns use to keep students from touching each other at a dance," implying that other safeguards are always employed as well.

No network is impenetrable, Singer said, and right now the focus should be on resiliency, a technical term which assumes that an attack will slip through, and puts emphasis on survivability.

Still, "I'm sure there are a lot of people in a room somewhere thinking about this [type of sonic exploit]," Hagerott said.